diff options
Diffstat (limited to 'channels/chan_iax2.c')
-rw-r--r-- | channels/chan_iax2.c | 36 |
1 files changed, 19 insertions, 17 deletions
diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c index 0a7260752..9ade0db7e 100644 --- a/channels/chan_iax2.c +++ b/channels/chan_iax2.c @@ -6254,6 +6254,10 @@ static int register_verify(int callno, struct sockaddr_in *sin, struct iax_ies * p = find_peer(peer, 1); ast_mutex_lock(&iaxsl[callno]); if (!p || !iaxs[callno]) { + if (iaxs[callno]) { + /* Anything, as long as it's non-blank */ + ast_string_field_set(iaxs[callno], secret, "badsecret"); + } if (authdebug && !p) ast_log(LOG_NOTICE, "No registration for peer '%s' (from %s)\n", peer, ast_inet_ntoa(sin->sin_addr)); goto return_unref; @@ -6333,21 +6337,24 @@ static int register_verify(int callno, struct sockaddr_in *sin, struct iax_ies * goto return_unref; } else ast_set_flag(&iaxs[callno]->state, IAX_STATE_AUTHENTICATED); - } else if (!ast_strlen_zero(md5secret) || !ast_strlen_zero(secret)) { - if (authdebug) - ast_log(LOG_NOTICE, "Inappropriate authentication received\n"); + } else if (!ast_strlen_zero(p->secret) || !ast_strlen_zero(p->inkeys)) { + if (authdebug && + ((!ast_strlen_zero(p->secret) && (p->authmethods & IAX_AUTH_MD5) && !ast_strlen_zero(iaxs[callno]->challenge)) || + (!ast_strlen_zero(p->inkeys) && (p->authmethods & IAX_AUTH_RSA) && !ast_strlen_zero(iaxs[callno]->challenge)))) { + ast_log(LOG_NOTICE, "Inappropriate authentication received for '%s'\n", p->name); + } goto return_unref; } + ast_devstate_changed(AST_DEVICE_UNKNOWN, "IAX2/%s", p->name); /* Activate notification */ + +return_unref: ast_string_field_set(iaxs[callno], peer, peer); /* Choose lowest expiry number */ if (expire && (expire < iaxs[callno]->expiry)) iaxs[callno]->expiry = expire; - ast_device_state_changed("IAX2/%s", p->name); /* Activate notification */ - res = 0; -return_unref: if (p) peer_unref(p); @@ -7078,25 +7085,20 @@ static int registry_authrequest(int callno) struct iax2_peer *p; char challenge[10]; const char *peer_name; - int res = -1; int sentauthmethod; peer_name = ast_strdupa(iaxs[callno]->peer); /* SLD: third call to find_peer in registration */ ast_mutex_unlock(&iaxsl[callno]); - if (p = find_peer(peer_name, 1)) { + if ((p = find_peer(peer_name, 1))) { last_authmethod = p->authmethods; } ast_mutex_lock(&iaxsl[callno]); if (!iaxs[callno]) goto return_unref; - if (!p && !delayreject) { - ast_log(LOG_WARNING, "No such peer '%s'\n", peer_name); - goto return_unref; - } - + memset(&ied, 0, sizeof(ied)); /* The selection of which delayed reject is sent may leak information, * if it sets a static response. For example, if a host is known to only @@ -7114,12 +7116,12 @@ static int registry_authrequest(int callno) } iax_ie_append_str(&ied, IAX_IE_USERNAME, peer_name); - res = 0; - return_unref: - peer_unref(p); + if (p) { + peer_unref(p); + } - return res ? res : send_command(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_REGAUTH, 0, ied.buf, ied.pos, -1);; + return iaxs[callno] ? send_command(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_REGAUTH, 0, ied.buf, ied.pos, -1) : -1; } static int registry_rerequest(struct iax_ies *ies, int callno, struct sockaddr_in *sin) |